SAP Data Custodian – get back control of your data in the cloud

Wasif Gilani

Posted by Wasif Gilani on

Chief Product Owner SAP Data Custodian

More by this author

SAP is a powerful and reputed player in the compliance and data protection, domain with an excellent track record of protecting our customers’ data. We are continually developing novel and effective solutions to help protect our customers’ data from all types of risks – whether they store it on-premise or on the SAP Cloud.

With the recent release of our SAP Data Custodian for the Google Cloud Platform, SAP is going an extra mile to offer additional layers of protection for our customers’ data on the Google Cloud Platform.

 

Transparency and Control with SAP Data Custodian

SAP and Google customers can take advantage of Data Custodian’s robust data transparency and control features for protecting their data on the Google Cloud Platform. With a unique “Union” concept, our customers can restrict their data to a specific geo-location or a set of geo-locations in a globally connected cloud. These geo-locations, for example, can be a set of countries offering an adequate level of data protection as determined by the European Commission.

Our powerful policy engine enables customers to flexibly configure software defined data placement, movement, processing and access policies for the Union. A unique feature is to provide our customers the transparency and control of all accesses happening from the cloud provider side, Google Cloud in this case. For example, a customer can define a policy to alert on non-compliant accesses including the cloud provider access to their data placed in German data centers from the United States, Argentina and Brazil. A customer can define multiple Unions; for example, a Union for a production environment with strong data placement and access policies, and a Union for a development environment with relaxed geo access policies. Once the policies are configured, SAP Data Custodian continuously monitors and alerts users on policy violations.

SAP Data Custodian cockpit screen provides a comprehensive overview of all Unions created, along with the overall compliance percentage and alerts. The customers can navigate into individual Unions to see Union specific compliance, and analyze and resolve alerts. A powerful visualization of data placement, movement, processing and access enables our customers to have full transparency of their cloud environment and to quickly analyze and resolve alerts.

 

 

A click on an alert provides extensive information on the alert, including the geo-location of the data accessed, identity and geo-location of the accessor, reason for the access, actions performed during the access, policy violated, time stamp, amongst others.

The Data Custodian further enables quick adjustment of policies according to changing business requirements or data protection regulations. For example, a customer can quickly adjust a data placement policy to allow storage of their data in a country recently determined by the European Commission to have an adequate level of data protection. Another example is the need to update an access policy, to deny all types of accesses from a country that has come under an embargo. This software defined policy enforcement is far more flexible than the traditional approach of establishing localized data centers, which of course fulfills the localized data placement requirement, but is a very expensive approach and does not satisfy the access requirements.

 

For our next release of the SAP Data Custodian solution, we are working on introducing additional control features to offer our customers unparalleled levels of data protection and privacy on the Google Cloud Platform.

How do I learn more?

SAP and Google teams will be demonstrating the SAP Data Custodian solution at Google Cloud Next 2018. If you’re planning to be at Google Cloud Next, please stop by to learn more about SAP Data Custodian at the SAP booth, W1330, and please join us at session SEC116, “Increased Transparency and Control of Your Data in GCP.” For further details, please visit our webpage at: https://www.sap.com/products/data-custodian.html. If you would like to learn more, please contact us at SAP_DataCustodian@sap.com.

VN:F [1.9.22_1171]
Average User Rating
Rating: 5.0/5 (5 votes cast)
SAP Data Custodian – get back control of your data in the cloud, 5.0 out of 5 based on 5 ratings

377 Views